Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Theo
Collaborator

Route Internet Traffic to Site over VPN Tunnel

OS: R80.30

Type of Connection: Mobile Access

VPN Application: Capsule VPN (Android)

Target Application to Work: MS PowerApps

 

We have customized PowerApps project deployed/installed in tablet of our user in China. As we all know, even Microsoft apps are having problems when working inside China because of internet restriction. The PowerApps is working normally as tested out of China, what we did is we installed Capsule VPN to subject tablet and connect to our Headoffice.

The VPN tunnel established successfully, but PowerApps is still having problem syncing the data from tablet to server.

We want to route internet traffic of tablet after it successfully connect the VPN, is this possible? If yes, any lead/ ideas how to do? Also, just to add we have Proxy server in HQ and we're thinking of using it once the VPN has been established, not sure how to apply this in specific application in PowerApps or how the Android will use proxy once VPN is connected.

0 Kudos
8 Replies
mdjmcnally
Advisor

I believe that you can still enable Hub Mode for the Capsule VPN Clients.

 

Global Properties / Remote Access / SecureClient Mobile

Security Settings - Route all traffic to gateway

Set to Yes

 

Also set this under Endpoint Connect as well.

 

Make sure that set NAT on the Office Mode range so that when connects to Internet that is NATed.

 

That should by my understanding have the VPN Client send the traffic over the VPN tunnel 

0 Kudos
Theo
Collaborator

hi @mdjmcnally, are you referring to this article? https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solut...

Re: "Make sure that set NAT on the Office Mode range so that when connects to Internet that is NATed." should i do this in the security gateway? i forgot to mentioned that security gateway uses HA/ cluster
0 Kudos
Wolfgang
Authority
Authority

Theo,

you can route all traffic via VPN to your central gateway:

Hub-mode.PNG

As @mdjmcnally  mentioned, you have to enable for this for the different clients, but I think you have to have to enable this here for the capsule VPN clients.

Wolfgang

0 Kudos
Theo
Collaborator

@Wolfgang my security gateway has this settings, but looks like the internet traffic is not routed to the gateway
0 Kudos
ikafka
Collaborator

I have a question. Is there a similar setting in IPSEC VPN to allow users in the branch office to access the internet from Check Point in HQ?

0 Kudos
PhoneBoy
Admin
Admin

Yes, it’s in the relevant VPN Community object.
Should be configured as a Star with VPN Routing configured with “To the center or through the center to other satellites, to the internet, and other VPN targets.”
See also: https://support.checkpoint.com/results/sk/sk182072

0 Kudos
ikafka
Collaborator

I guess we cannot do that in mesh topology.

0 Kudos
PhoneBoy
Admin
Admin

In a full mesh community, correct.
Multiple VPN communities may be required here to achieve the desired result.

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events